Blogs

Computer Forensics Blog

Every organization will eventually deal with cyber-crime. Fraud, intrusion, insider threats, phishing and other cyber-crimes are now a fact of life. If you are an IT or law enforcement professional and don't know how to look for and sort out these cases, your skills are becoming less valuable every day. SANS developed this site and the related resources to provide a 'home' for those that are focused on computer forensics. You can find advice, research, training, and other resources to unravel incidents and fight crime.

Security Awareness Blog

SANS Securing the Human is the world's leading provider of information security awareness training. We can quickly supply everything you need for a comprehensive security awareness program; including online training, newsletters, posters, screensavers, banners, flyers and other materials.

Security Trends Blog

The challenges security managers face never stand still. Threats change, new technologies appear, global conflicts arise, economic cycles drive business change - the trends in each of these areas have profound and complex impact on successful security strategies. The SANS Security Trends blog will highlight and analyze emerging security trends and discuss new data from SANS, vendors, government sources, the security community and current events. Join us in finding the meaningful events and predictions amidst all the hype and noise.

Industrial Control Systems Security Blog

SANS has joined forces with industry leaders and experts to strengthen the cybersecurity of Industrial Control Systems (ICS). The initiative is equipping security professionals and control system engineers with the security awareness, work-specific knowledge, and hands-on technical skills they need to secure automation and control system technology.

Internet Storm Center Diary/Blog

The Internet Storm Center gathers millions of intrusion detection log entries every day, from sensors covering over 500,000 IP addresses in over 50 countries. It is rapidly expanding in a quest to do a better job of finding new storms faster, identifying the sites that are used for attacks, and providing authoritative data on the types of attacks that are being mounted against computers in various industries and regions around the globe. The Internet Storm Center is a free service to the Internet community. The work is supported by the SANS Institute from tuition paid by students attending SANS security education programs. Volunteer incident handlers donate their valuable time to analyze detects and anomalies, and post a daily diary of their analysis and thoughts on the Storm Center web site.

Penetration Testing Blog

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver real savings and security to the business.

Software Security Blog

Cyber Defense Blog

Most of the computers targeted for attack run Microsoft Windows. Securing Windows against hackers and APT malware requires constant adaptation and cutting-edge tools. The Windows Security Blog covers a variety of topics related to every hacker's favorite operating system. The blog also aims to provide free PowerShell scripts to automate many security tasks.

SANS Technology Institute (STI) Blogs

SANS is a thought leader in information security making The SANS Technology Institute one of the nation's leading security graduate schools that grants Masters degrees in information security. Students are taught to be leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security. At SANS, the wisdom of industry and business, college academia and practical skills merge as students are taught by leaders with a demonstrated track record of leadership, knowledge and expertise in information technology and security.

SANS Security Insights Blog

Industrials & Infrastructure Blog

At SANS, we understand your time is both valuable and limited. The Industrials & Infrastructure (I&I) Practice Area was created to enhance how SANS engages with critical industry sectors. Leverage the SANS I&I lens to keep up-to-date and target resources and events that matter most to you and your industry.